Data Breach Today Podcast

Too many organizations have too many disjointed security controls, says Vijay Bharti of Happiest Minds. What do they need? An integrated cybersecurity approach that includes analytics, machine learning and a higher degree of automation.

An analysis of the GOP platform, which takes a tough stand against Chinese and Russian hackers and suggests 'hack back' as a suitable cyber defense, highlights this edition of the ISMG Security Report. Also featured: reports on mitigating Pokémon Go risks and the growth of the IT security workforce.

Security vendor Novetta recently led an independent investigation into the 2014 Sony breach. What lessons were learned, and how do they apply to today's threat landscape? Novetta's Peter LaMontagne shares key findings.

While enterprises rebuild or upgrade their security programs, they must guard against over emphasizing technology investments while neglecting staffing issues, says Ben Johnson, chief security strategist at Carbon Black.

By tracking "Indicators of Exposure" - the top techniques attackers could use to hack into any individual enterprise - organizations can better defend themselves against network intrusions and data breaches, says Gidi Cohen, CEO of Skybox Security.

The Asian security landscape continues to change dramatically, and ransomware and cyber extortion are among the emerging trends increasing in frequency and volume. Kaspersky Lab's Vitaly Kamluk shares insights and advice.

Mobile health applications, wearable fitness trackers and even social media sites are creating new privacy risks for health information because the data collected, shared and used falls outside the regulatory scope of HIPAA, says Lucia Savage of the Office of the National Coordinator for Health IT.

Examining the human factor in the age of cyber conflict and the new healthcare challenge concerning ransomware highlight this edition of the ISMG Security Report. Also, hackers target the Republican convention.

FireEye has dealt with more disruptive data breaches over just the past year than it has since the company was founded 12 years ago. Charles Carmakal, vice president with the company's Mandiant forensics unit, shares tips for handling a breach.

An analysis of the record of the U.K.'s new prime minister, Theresa May, on cybersecurity and online privacy and a report on efforts to create an antidote to ransomware highlight this edition of the ISMG Security Report.

In the wake of the controversy over Hillary Clinton's use of private email servers, President Obama voices his concerns about the state of federal government IT security in this edition of the ISMG Security Report.

In the wake of the Hillary Clinton email controversy, organizations need to be more aware of the risks of unsanctioned "shadow IT" and take appropriate mitigation steps, says security expert Mac McMillan.

A bitter battle flares up in the fiercely competitive endpoint protection products market, and uncovering the real impact over Hillary Clinton's email server. These items highlight this edition of the ISMG Security Report.

Missing from the analysis and debate regarding the U.S. government's decision not to prosecute presumptive Democratic Party presidential candidate Hillary Clinton for using a private email server while secretary of state is this simple fact: Secure IT systems aren't tailored to function the way people behave.

Healthcare entities should take several critical steps to minimize the security risks posed by older, legacy medical devices used in their organizations, says medical device cybersecurity expert Kevin Fu.

One of the core values of the cybersecurity framework is to facilitate communication among various stakeholders coming from different technical and managerial backgrounds who must collaborate to build secure IT systems, NIST Program Manager Matt Barrett explains in an interview.

More than 200,000 internet-connected systems remain vulnerable to the OpenSSL vulnerability known as Heartbleed, more than two years after the flaw was publicly announced and related patches released, warns security researcher Billy Rios.

Now a Ukraine bank has reported suffering a $10 million hacker heist via fraudulent SWIFT transfers. Also hear about why attackers often use legitimate IT administrator tools, and organizations' growing use of deception technologies and strategies.

Ten years after the launch of the PCI Data Security Standards Council, the key to ensuring ongoing compliance with the PCI Data Security Standard is winning CEO buy-in worldwide, says Stephen Orfei, general manager of the council.

The need for PCI-DSS compliance is being embraced in Southeast Asia and the Middle East, with adoption of PCI standards increasing dramatically over the last five years, says Dharshan Shanthamurthy, CEO of SISA Information Security, who shares insights about why PCI adoption is likely to continue to grow.